Advances in Security Information Management: Perceptions and Outcomes


Guillermo de Tangil (Editor)
Computer Science Dept., University Carlos III of Madrid, Madrid, Spain

Series: Computer Science, Technology and Applications
Network security remains a critical task that draws on several disciplines aimed at proactively protecting systems, preventing attacks, and responding to them swiftly. However, the classic management-related flaws persist, e.g. the analysis of large volumes of reported intrusion alerts, and they now coexist with newer problems such as the integration of many heterogeneous sensing interfaces.

Security information and event management (SIEM) thus emerges as the new paradigm that reconciles traditional intrusion detection systems with more recent techniques such as event collection, aggregation, analysis, management and correlation. This book brings together the most novel research findings and the latest advances in security information management, while also compiling well-established technologies. It first establishes the fundamentals of SIEM technology and closes with an exploration of new trends. (Imprint: Nova)



Table of Contents


Chapter 1: Security Information and Event Management Systems: A Need in the Real World
(Cristian Ruvalcaba, Intuit, Mountain View, CA, USA)

Chapter 2: Security Information and Vulnerability Management
(Massoud Kamran, Atos Worldline, Brussels, Belgium)

Chapter 3: Toward a Multistage Attack Detection Framework
(Jules Pagna Disso, EADS Innovation Works, Quadrant House, UK)

Chapter 4: Cooperative Approaches to SIEM and Intrusion Detection
(Mirco Marchetti and Michele Colajanni, University of Modena and Reggio Emilia, Italy)

Chapter 5: On the Performance Evaluation of Intrusion Detection Systems
(Rashid Munir, Adeeb Alhomoud, Irfan Awan, and Jules Pagna Disso, School of Computing, Informatics and Media, University of Bradford, UK)

Chapter 6: Complex Event Processing Based SIEM
(Vincenzo Gulisano, Ricardo Jiménez Peris, Marta Patiño Martinez, Claudio Soriente and Valerio Vianello, Universidad Politécnica de Madrid, Spain)

Chapter 7: Evading IDSs and Firewalls as Fundamental Sources of Information in SIEMs
(Sergio Pastrana, José Montero-Castillo and Agustín Orfila, Computer Science Department, University Carlos III of Madrid, Spain)

Chapter 8: Honeypot Forensics for System and Network SIEM Design
(Jeremy Briffaut, Patrice Clemente, Jean-Francois Lalande and Jonathan Rouzaud-Cornabas, Centre-Val de Loire Université, ENSI de Bourges, France)

Chapter 9: Advanced SIEM Technology for Critical Infrastructure Protection
(Salvatore D’Antonio, Luigi Coppolino and Luigi Romano, University of Naples ‘Parthenope’, Italy)

Chapter 10: Towards an Intelligent Security Event Information Management System
(Guillermo Suarez-Tangil, Esther Palomar, Arturo Ribagorda and Yan Zhang, Department of Computer Science, Carlos III University of Madrid, Spain, and others)
